Additive Secret Sharing and Share Proactivization ñ Using Python

Additive Secret Sharing and Share Proactivization are cryptographic techniques to share a password or other confidential data among a group of people. In this article, we will explain these techniques and implement Python code to demonstrate them.

Additive Secret Sharing

Additive secret sharing is a technique used in cryptography to share a secret string or a password among multiple parties, such that all of the parties must collaborate to reconstruct the secret. For example:

Original Secret Key: 1234
Generated five Shares: [-488, -55, -417, -720, 2914]
Reconstructed Secret: 1234

Explanation: The original secret password is split into 5 shares and distributed to 5 different people. None of them knows the original secret key, but when they come together and sum their shares (-488 + -55 + -417 + -720 + 2914 = 1234), they will get the original secret key.

Algorithm to Implement Additive Secret Sharing

• Initialize a secret number in a variable secret.
• Create a list shares of size n to hold the shares, where n is the number of parties.
• Fill the first n-1 positions of the list shares with random values.
• Now, compute the final share such that the sum of all shares equals the original secret number. ie, final_share = secret - sum(shares).
• Insert final_share into the last position of the list shares.
• Now, the shares list can be distributed to the different parties.
• To reconstruct the secret, sum all the shares received from the parties.

Example

Here is a simple Python implementation of additive secret sharing:

import random

def generate_additive_shares(secret, num_shares):
    # Generate n - 1 random shares
    shares = [random.randint(-1000, 1000) for _ in range(num_shares - 1)]

    # Compute the final share such that sum(shares) == secret
    final_share = secret - sum(shares)
    shares.append(final_share)

    return shares

def reconstruct_secret(shares):
    return sum(shares)

# Step 1: Original secret
secret = 1234
print(f"Original Secret Key: {secret}")

# Step 2: Generate shares
num_parties = 10
shares = generate_additive_shares(secret, num_parties)
print(f"Generated {num_parties} Shares: {shares}")

# Step 3: Reconstruct the secret from shares
reconstructed = reconstruct_secret(shares)
print(f"Reconstructed Secret Key: {reconstructed}")

The output of the above code will be:

Original Secret Key: 1234
Generated 10 Shares: [985, -893, -216, 310, -241, -448, 30, -874, 3, 2578]
Reconstructed Secret Key: 1234

Note: The generated values of the shares will vary each time you run the code due to the use of random numbers.

Share Proactivization

Share proactivization is a technique used on top of additive secret sharing to further enhance security by refreshing the shares periodically. This prevents hackers from getting information about the secret key by reverse engineering the shares for a long time.

Algorithm to Implement Share Proactivization

• Follow the steps of additive secret sharing to generate initial shares.
• For every time period t, call the generate_additive_share() function to generate new shares.
• Update the shares of each person with the new shares.
• Print the updated shares.

Example

Here is a simple Python implementation of share proactivization:

import random
def generate_additive_shares(secret, num_shares):
    # Generate n - 1 random shares
    shares = [random.randint(-1000, 1000) for _ in range(num_shares - 1)]

    # Compute the final share such that sum(shares) == secret
    final_share = secret - sum(shares)
    shares.append(final_share)

    return shares

def reconstruct_secret(shares):
    return sum(shares)

def proactivize_shares(shares, secret, num_parties):
    # Generate new shares
    new_shares = generate_additive_shares(secret, num_parties)
    
    # Update the shares with the new shares
    for i in range(len(shares)):
        shares[i] = new_shares[i]
    
    return shares

# Step 1: Original secret
secret = 7878
print(f"Original Secret Key: {secret}")

# Step 2: Generate initial shares
num_parties = 10
shares = generate_additive_shares(secret, num_parties)
print(f"Generated {num_parties} Shares: {shares}")

# Step 3: Reconstruct the secret from shares
reconstructed = reconstruct_secret(shares)
print(f"Reconstructed Secret Key: {reconstructed}")

# Step 4: Proactivize shares
t = 1  # Time period
print(f"\nProactivizing shares at time period {t}...")
shares = proactivize_shares(shares, secret, num_parties)
print(f"Updated Shares: {shares}")

# Step 5: Reconstruct the secret from updated shares
reconstructed_updated = reconstruct_secret(shares)
print(f"Reconstructed Secret after Proactivization: {reconstructed_updated}")

The output of the above code will be:

Original Secret Key: 7878
Generated 10 Shares: [-163, -91, -128, -21, -75, 821, 451, -522, -666, 8272]
Reconstructed Secret Key: 7878
Proactivizing shares at time period 1...
Updated Shares: [924, 227, 413, -945, 973, -824, 108, 481, 330, 6191]
Reconstructed Secret Key after Proactivization: 7878

Conclusion

Additive Secret Sharing and Share Proactivization are techniques that can be used to secure the sharing of sensitive information among a group of participants. Python provides built-in libraries such as cryptography, shamir-mnemonic to directly implement these techniques without writing any custom code.